While setting up a webserver, I noticed that fail2ban-client status did not list all of the rules that I’d configured in jail.d. Although configuration files were added to the directory, the status wasn’t showing them listed, so it hadn’t activated the jails. Running service fail2ban restart didn’t add them either.
After spending some time researching, I found that some people suggest changing the backend used in fail2ban from auto to polling in jail.conf. Since you shouldn’t edit jail.conf on a Debian-based system, I tried creating a new file with nano /etc/fail2ban/jail.local and adding the line backend = polling. This actually prevented the fail2ban service from starting for me. The errors in systemctl status fail2ban.service didn’t show anything useful as to the cause of the error. In the end I reverted this change.
Running fail2ban-client reload did present error messages detailing which rule couldn’t be activated:
ERROR No file(s) found for glob /var/log/apache2/*.log
ERROR Failed during configuration: Have not found any log file for apache-xmlrpc jail
This then meant I was able to investigate the jail.d config file with the rule indicated as causing the problem and correct the log file path. fail2ban-client status then shows the correct jails running.
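
A pre-reload check for the failure described above, as an added example that is not part of the original post: it reads every logpath entry in a jail.d directory and reports the ones that match no file on disk. The function name check_jail_logpaths and the MISSING/UNRESOLVED output format are assumptions made for this example; it handles literal paths and globs only, and entries that use %(...)s interpolation are reported as UNRESOLVED rather than expanded.

```shell
#!/bin/sh
# Added example: report jail logpath entries that match no file on disk.
# Usage: check_jail_logpaths /etc/fail2ban/jail.d
# Prints "MISSING <jail> <pattern>" per dead path; returns 1 if any were found.
check_jail_logpaths() {
    dir=$1
    status=0
    tab=$(printf '\t')
    # awk emits "jail<TAB>path" for each logpath value, including the
    # indented continuation lines that may follow a "logpath =" line.
    pairs=$(cat "$dir"/*.conf "$dir"/*.local 2>/dev/null | awk '
        /^[ \t]*[#;]/ { next }
        /^\[/ { jail = substr($0, 2, index($0, "]") - 2); inlp = 0; next }
        { sub(/[ \t\r]+$/, "") }
        /^logpath[ \t]*=/ {
            inlp = 1
            sub(/^logpath[ \t]*=[ \t]*/, "")
            if ($0 != "") print jail "\t" $0
            next
        }
        inlp && /^[ \t]+[^ \t]/ { sub(/^[ \t]+/, ""); print jail "\t" $0; next }
        { inlp = 0 }
    ')
    while IFS=$tab read -r jail pattern; do
        [ -n "$pattern" ] || continue
        case $pattern in
            *'%('*) echo "UNRESOLVED $jail $pattern"; continue ;;
        esac
        found=0
        # Unquoted on purpose so the shell expands the glob, mirroring the
        # "No file(s) found for glob" check. Paths with spaces are not handled.
        for f in $pattern; do
            if [ -e "$f" ]; then found=1; break; fi
        done
        if [ "$found" -eq 0 ]; then
            echo "MISSING $jail $pattern"
            status=1
        fi
    done <<EOF
$pairs
EOF
    return $status
}
```

Source the file and run check_jail_logpaths /etc/fail2ban/jail.d after adding or editing a jail; a non-zero return means at least one jail points at a log path that does not exist.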